Message ID | 20200110140017.15045-1-frank.vanbever@essensium.com |
---|---|
State | Superseded |
Headers | show |
Series | [1/2] libmodescurity: new package | expand |
Frank, On Fri, Jan 10, 2020 at 8:01 AM Frank Vanbever <frank.vanbever@essensium.com> wrote: > > Signed-off-by: Frank Vanbever <frank.vanbever@essensium.com> > --- > DEVELOPERS | 3 + > package/Config.in | 1 + > ...-CANONICAL_HOST-cannot-be-determined.patch | 31 ++++++++++ > ...test-for-uClinux-in-configure-script.patch | 28 +++++++++ > package/libmodsecurity/Config.in | 14 +++++ > package/libmodsecurity/libmodsecurity.hash | 4 ++ > package/libmodsecurity/libmodsecurity.mk | 59 +++++++++++++++++++ > 7 files changed, 140 insertions(+) > create mode 100644 package/libmodsecurity/0001-Fail-when-CANONICAL_HOST-cannot-be-determined.patch > create mode 100644 package/libmodsecurity/0002-test-for-uClinux-in-configure-script.patch > create mode 100644 package/libmodsecurity/Config.in > create mode 100644 package/libmodsecurity/libmodsecurity.hash > create mode 100644 package/libmodsecurity/libmodsecurity.mk > > diff --git a/DEVELOPERS b/DEVELOPERS > index 80843dd1a1..534f4d746c 100644 > --- a/DEVELOPERS > +++ b/DEVELOPERS > @@ -955,6 +955,9 @@ F: package/ucl/ > F: package/upx/ > F: package/zxing-cpp/ > > +N: Frank Vanbever <frank.vanbever@essensium.com> > +F: package/libmodsecurity/ > + > N: Gaël Portay <gael.portay@collabora.com> > F: package/qt5/qt5virtualkeyboard/ > F: package/qt5/qt5webengine/ > diff --git a/package/Config.in b/package/Config.in > index 873a592d64..190cc4217c 100644 > --- a/package/Config.in > +++ b/package/Config.in > @@ -2032,6 +2032,7 @@ menu "Networking applications" > source "package/leafnode2/Config.in" > source "package/lft/Config.in" > source "package/lftp/Config.in" > + source "package/libmodsecurity/Config.in" > source "package/lighttpd/Config.in" > source "package/linknx/Config.in" > source "package/links/Config.in" > diff --git a/package/libmodsecurity/0001-Fail-when-CANONICAL_HOST-cannot-be-determined.patch b/package/libmodsecurity/0001-Fail-when-CANONICAL_HOST-cannot-be-determined.patch > new file mode 100644 > index 0000000000..d725d136ff > --- /dev/null > +++ b/package/libmodsecurity/0001-Fail-when-CANONICAL_HOST-cannot-be-determined.patch > @@ -0,0 +1,31 @@ > +From 0832208360aab69fbaec76225db67801840a33fe Mon Sep 17 00:00:00 2001 > +From: Frank Vanbever <frank.vanbever@essensium.com> > +Date: Fri, 10 Jan 2020 11:14:43 +0100 > +Subject: [PATCH] Fail when CANONICAL_HOST cannot be determined > + > +When the CANONICAL_HOST is unknown the configure script exits > +with exit code 0 even though no makefile was produced. > + > +patch was submitted upstream: https://github.com/SpiderLabs/ModSecurity/pull/2235 > + > +Signed-off-by: Frank Vanbever <frank.vanbever@essensium.com> > +--- > + configure.ac | 2 +- > + 1 file changed, 1 insertion(+), 1 deletion(-) > + > +diff --git a/configure.ac b/configure.ac > +index 95e48843..5e6971f4 100644 > +--- a/configure.ac > ++++ b/configure.ac > +@@ -193,7 +193,7 @@ case $host in > + ;; > + *) > + echo "Unknown CANONICAL_HOST $host" > +- exit > ++ exit 1 > + ;; > + esac > + > +-- > +2.20.1 > + > diff --git a/package/libmodsecurity/0002-test-for-uClinux-in-configure-script.patch b/package/libmodsecurity/0002-test-for-uClinux-in-configure-script.patch > new file mode 100644 > index 0000000000..73022f31f2 > --- /dev/null > +++ b/package/libmodsecurity/0002-test-for-uClinux-in-configure-script.patch > @@ -0,0 +1,28 @@ > +From 13c505e30474c919ed9ae552e459769c456da21e Mon Sep 17 00:00:00 2001 > +From: Frank Vanbever <frank.vanbever@essensium.com> > +Date: Fri, 10 Jan 2020 11:24:43 +0100 > +Subject: [PATCH] test for uClinux in configure script > + > +patch was submitted upstream: https://github.com/SpiderLabs/ModSecurity/pull/2235 > + > +Signed-off-by: Frank Vanbever <frank.vanbever@essensium.com> > +--- > + configure.ac | 2 +- > + 1 file changed, 1 insertion(+), 1 deletion(-) > + > +diff --git a/configure.ac b/configure.ac > +index 5e6971f4..51d38071 100644 > +--- a/configure.ac > ++++ b/configure.ac > +@@ -156,7 +156,7 @@ case $host in > + AC_DEFINE([MACOSX], [1], [Define if the operating system is Macintosh OSX]) > + PLATFORM="MacOSX" > + ;; > +- *-*-linux*) > ++ *-*-linux* | *-*uclinux*) > + echo "Checking platform... Identified as Linux" > + AC_DEFINE([LINUX], [1], [Define if the operating system is LINUX]) > + PLATFORM="Linux" > +-- > +2.20.1 > + > diff --git a/package/libmodsecurity/Config.in b/package/libmodsecurity/Config.in > new file mode 100644 > index 0000000000..ddd4170945 > --- /dev/null > +++ b/package/libmodsecurity/Config.in > @@ -0,0 +1,14 @@ > +config BR2_PACKAGE_LIBMODSECURITY > + bool "libmodsecurity" > + select BR2_PACKAGE_PCRE > + help > + Libmodsecurity is one component of the ModSecurity > + v3 project. The library codebase serves as an > + interface to ModSecurity Connectors taking in web > + traffic and applying traditional ModSecurity > + processing. In general, it provides the capability > + to load/interpret rules written in the ModSecurity > + SecRules format and apply them to HTTP content > + provided by your application via Connectors. > + > + https://github.com/SpiderLabs/ModSecurity > diff --git a/package/libmodsecurity/libmodsecurity.hash b/package/libmodsecurity/libmodsecurity.hash > new file mode 100644 > index 0000000000..29c0a079fe > --- /dev/null > +++ b/package/libmodsecurity/libmodsecurity.hash > @@ -0,0 +1,4 @@ > +# From https://github.com/SpiderLabs/ModSecurity/releases/download/v3.0.3/modsecurity-v3.0.3.tar.gz.sha256 > +sha256 8aa1300105d8cc23315a5e54421192bc617a66246ad004bd89e67c232208d0f4 modsecurity-v3.0.3.tar.gz > +# Localy calculated > +sha256 c71d239df91726fc519c6eb72d318ec65820627232b2f796219e87dcf35d0ab4 LICENSE > diff --git a/package/libmodsecurity/libmodsecurity.mk b/package/libmodsecurity/libmodsecurity.mk > new file mode 100644 > index 0000000000..991402057d > --- /dev/null > +++ b/package/libmodsecurity/libmodsecurity.mk > @@ -0,0 +1,59 @@ > +################################################################################ > +# > +# libmodsecurity > +# > +################################################################################ > + > +LIBMODSECURITY_VERSION = 3.0.3 > +LIBMODSECURITY_SOURCE = modsecurity-v$(LIBMODSECURITY_VERSION).tar.gz > +LIBMODSECURITY_SITE = https://github.com/SpiderLabs/ModSecurity/releases/download/$(LIBMODSECURITY_VERSION) This site path doesn't seem to work and needs a v before the $. Current URL looks like (https://github.com/SpiderLabs/ModSecurity/releases/download/3.0.3/modsecurity-v3.0.3.tar.gz) LIBMODSECURITY_SITE = https://github.com/SpiderLabs/ModSecurity/releases/download/v$(LIBMODSECURITY_VERSION) > +LIBMODSECURITY_INSTALL_STAGING = YES > +LIBMODSECURITY_LICENSE = Apache-2.0 > +LIBMODSECURITY_LICENSE_FILES = LICENSE > +LIBMODSECURITY_AUTORECONF = YES > +LIBMODSECURITY_CONF_ENV = \ > + ac_cv_file_others_libinjection_src_libinjection_html5_c=yes # Necessary to work around AC_CHECK_FILE cross-compile limitation > + > +LIBMODSECURITY_DEPENDENCIES = pcre It can't seem to currently find the pcre library. Here's the error and my reduced build config (Ubuntu 18.04 machine) configure: SSDEEP library was not found configure: Support for LUA was disabled by the utilization of --without-lua or --with-lua=no checking for libcurl config script... no configure: *** curl library not found. checking for libxml2 config script... no configure: *** libxml2 library not found. checking for libpcre config script... no configure: *** pcre library not found. configure: error: pcre library is required BR2_aarch64=y BR2_TOOLCHAIN_EXTERNAL=y BR2_LINUX_KERNEL=y BR2_LINUX_KERNEL_CUSTOM_VERSION=y BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE="4.16.7" BR2_LINUX_KERNEL_USE_CUSTOM_CONFIG=y BR2_LINUX_KERNEL_CUSTOM_CONFIG_FILE="board/qemu/aarch64-virt/linux.config" BR2_LINUX_KERNEL_NEEDS_HOST_OPENSSL=y BR2_PACKAGE_NGINX=y BR2_PACKAGE_NGINX_MODSECURITY=y BR2_TARGET_ROOTFS_EXT2=y # BR2_TARGET_ROOTFS_TAR is not set > +LIBMODSECURITY_CONF_OPTS = --disable-examples > + > +ifeq ($(BR2_PACKAGE_LIBXML2),y) > +LIBMODSECURITY_DEPENDENCIES += libxml2 > +LIBMODSECURITY_CONF_OPTS += --with-libxml="$(STAGING_DIR)" > +else > +LIBMODSECURITY_CONF_OPTS += --with-libxml="no" > +endif > + > +ifeq ($(BR2_PACKAGE_LIBCURL),y) > +LIBMODSECURITY_DEPENDENCIES += libcurl > +LIBMODSECURITY_CONF_OPTS += --with-curl="$(STAGING_DIR)" > +else > +LIBMODSECURITY_CONF_OPTS += --with-curl="no" > +endif > + > +ifeq ($(BR2_PACKAGE_YAJL),y) > +LIBMODSECURITY_DEPENDENCIES += yajl > +else > +LIBMODSECURITY_CONF_OPTS += --with-yajl="no" > +endif > + > +ifeq ($(BR2_PACKAGE_GEOIP),y) > +LIBMODSECURITY_DEPENDENCIES += geoip > +else > +LIBMODSECURITY_CONF_OPTS += --with-geoip="no" > +endif > + > +ifeq ($(BR2_PACKAGE_LIBMAXMINDDB),y) > +LIBMODSECURITY_DEPENDENCIES += libmaxminddb > +else > +LIBMODSECURITY_CONF_OPTS += --with-maxmind="no" > +endif > + > +ifeq ($(BR2_PACKAGE_LUA),y) > +LIBMODSECURITY_DEPENDENCIES += lua > +LIBMODSECURITY_CONF_OPTS += --with-lua="$(STAGING_DIR)" > +else > +LIBMODSECURITY_CONF_OPTS += --with-lua="no" > +endif > + > +$(eval $(autotools-package)) > -- > 2.20.1 > > _______________________________________________ > buildroot mailing list > buildroot@busybox.net > http://lists.busybox.net/mailman/listinfo/buildroot
>>>>> "Frank" == Frank Vanbever <frank.vanbever@essensium.com> writes: Thanks for the patch! A few comments: s|libmodescurity|package/libmodsecurity| in the subject. > Signed-off-by: Frank Vanbever <frank.vanbever@essensium.com> > --- > DEVELOPERS | 3 + > package/Config.in | 1 + > ...-CANONICAL_HOST-cannot-be-determined.patch | 31 ++++++++++ > ...test-for-uClinux-in-configure-script.patch | 28 +++++++++ > package/libmodsecurity/Config.in | 14 +++++ > package/libmodsecurity/libmodsecurity.hash | 4 ++ > package/libmodsecurity/libmodsecurity.mk | 59 +++++++++++++++++++ > 7 files changed, 140 insertions(+) > create mode 100644 package/libmodsecurity/0001-Fail-when-CANONICAL_HOST-cannot-be-determined.patch > create mode 100644 package/libmodsecurity/0002-test-for-uClinux-in-configure-script.patch > create mode 100644 package/libmodsecurity/Config.in > create mode 100644 package/libmodsecurity/libmodsecurity.hash > create mode 100644 package/libmodsecurity/libmodsecurity.mk > diff --git a/DEVELOPERS b/DEVELOPERS > index 80843dd1a1..534f4d746c 100644 > --- a/DEVELOPERS > +++ b/DEVELOPERS > @@ -955,6 +955,9 @@ F: package/ucl/ > F: package/upx/ > F: package/zxing-cpp/ > +N: Frank Vanbever <frank.vanbever@essensium.com> > +F: package/libmodsecurity/ > + > N: Gaël Portay <gael.portay@collabora.com> > F: package/qt5/qt5virtualkeyboard/ > F: package/qt5/qt5webengine/ > diff --git a/package/Config.in b/package/Config.in > index 873a592d64..190cc4217c 100644 > --- a/package/Config.in > +++ b/package/Config.in > @@ -2032,6 +2032,7 @@ menu "Networking applications" > source "package/leafnode2/Config.in" > source "package/lft/Config.in" > source "package/lftp/Config.in" > + source "package/libmodsecurity/Config.in" Isn't libmodsecurity a library? If so, then a better location would be Libraries -> Networking or Libraries -> Security > source "package/lighttpd/Config.in" > source "package/linknx/Config.in" > source "package/links/Config.in" > diff --git a/package/libmodsecurity/0001-Fail-when-CANONICAL_HOST-cannot-be-determined.patch b/package/libmodsecurity/0001-Fail-when-CANONICAL_HOST-cannot-be-determined.patch > new file mode 100644 > index 0000000000..d725d136ff > --- /dev/null > +++ b/package/libmodsecurity/0001-Fail-when-CANONICAL_HOST-cannot-be-determined.patch > @@ -0,0 +1,31 @@ > +From 0832208360aab69fbaec76225db67801840a33fe Mon Sep 17 00:00:00 2001 > +From: Frank Vanbever <frank.vanbever@essensium.com> > +Date: Fri, 10 Jan 2020 11:14:43 +0100 > +Subject: [PATCH] Fail when CANONICAL_HOST cannot be determined > + > +When the CANONICAL_HOST is unknown the configure script exits > +with exit code 0 even though no makefile was produced. > + > +patch was submitted upstream: https://github.com/SpiderLabs/ModSecurity/pull/2235 > + > +Signed-off-by: Frank Vanbever <frank.vanbever@essensium.com> > +--- > + configure.ac | 2 +- > + 1 file changed, 1 insertion(+), 1 deletion(-) > + > +diff --git a/configure.ac b/configure.ac > +index 95e48843..5e6971f4 100644 > +--- a/configure.ac > ++++ b/configure.ac > +@@ -193,7 +193,7 @@ case $host in > + ;; > + *) > + echo "Unknown CANONICAL_HOST $host" > +- exit > ++ exit 1 What is the use of this patch in Buildroot? I mean, it looks correct but we should ensure the configure script can correctly detect CANONICAL_HOST (whatever that is), so this should never trigger? > +++ b/package/libmodsecurity/libmodsecurity.mk > @@ -0,0 +1,59 @@ > +################################################################################ > +# > +# libmodsecurity > +# > +################################################################################ > + > +LIBMODSECURITY_VERSION = 3.0.3 > +LIBMODSECURITY_SOURCE = modsecurity-v$(LIBMODSECURITY_VERSION).tar.gz > +LIBMODSECURITY_SITE = https://github.com/SpiderLabs/ModSecurity/releases/download/$(LIBMODSECURITY_VERSION) > +LIBMODSECURITY_INSTALL_STAGING = YES > +LIBMODSECURITY_LICENSE = Apache-2.0 > +LIBMODSECURITY_LICENSE_FILES = LICENSE > +LIBMODSECURITY_AUTORECONF = YES Please add a comment about why this is done, E.G. 0002-test-for-uClinux-in-configure-script.patch > +LIBMODSECURITY_CONF_ENV = \ > + ac_cv_file_others_libinjection_src_libinjection_html5_c=yes # Necessary to work around AC_CHECK_FILE cross-compile limitation > + > +LIBMODSECURITY_DEPENDENCIES = pcre > +LIBMODSECURITY_CONF_OPTS = --disable-examples One space too many after = > + > +ifeq ($(BR2_PACKAGE_LIBXML2),y) > +LIBMODSECURITY_DEPENDENCIES += libxml2 > +LIBMODSECURITY_CONF_OPTS += --with-libxml="$(STAGING_DIR)" > +else > +LIBMODSECURITY_CONF_OPTS += --with-libxml="no" Is the more standard --without-libxml not supported? > +ifeq ($(BR2_PACKAGE_LUA),y) > +LIBMODSECURITY_DEPENDENCIES += lua Does this work both with lua 5.1 and 5.3?
On 10/01/2020 16:19, Peter Korsgaard wrote: > > diff --git a/package/libmodsecurity/0001-Fail-when-CANONICAL_HOST-cannot-be-determined.patch b/package/libmodsecurity/0001-Fail-when-CANONICAL_HOST-cannot-be-determined.patch > > new file mode 100644 > > index 0000000000..d725d136ff > > --- /dev/null > > +++ b/package/libmodsecurity/0001-Fail-when-CANONICAL_HOST-cannot-be-determined.patch > > @@ -0,0 +1,31 @@ > > +From 0832208360aab69fbaec76225db67801840a33fe Mon Sep 17 00:00:00 2001 > > +From: Frank Vanbever <frank.vanbever@essensium.com> > > +Date: Fri, 10 Jan 2020 11:14:43 +0100 > > +Subject: [PATCH] Fail when CANONICAL_HOST cannot be determined > > + > > +When the CANONICAL_HOST is unknown the configure script exits > > +with exit code 0 even though no makefile was produced. > > + > > +patch was submitted upstream: https://github.com/SpiderLabs/ModSecurity/pull/2235 > > + > > +Signed-off-by: Frank Vanbever <frank.vanbever@essensium.com> > > +--- > > + configure.ac | 2 +- > > + 1 file changed, 1 insertion(+), 1 deletion(-) > > + > > +diff --git a/configure.ac b/configure.ac > > +index 95e48843..5e6971f4 100644 > > +--- a/configure.ac > > ++++ b/configure.ac > > +@@ -193,7 +193,7 @@ case $host in > > + ;; > > + *) > > + echo "Unknown CANONICAL_HOST $host" > > +- exit > > ++ exit 1 > > What is the use of this patch in Buildroot? I mean, it looks correct but > we should ensure the configure script can correctly detect > CANONICAL_HOST (whatever that is), so this should never trigger? Without this patch, if there is some platform for which CANONICAL_HOST does not get set correctly, you get a very cryptic error instead of a failure of the configure step. So hopefully this patch isn't needed, but if it is actually needed because CANONICAL_HOST is still not correct, it helps us a lot. In other words, I would keep it in Buildroot. Regards, Arnout
>>>>> "Arnout" == Arnout Vandecappelle <arnout@mind.be> writes: Hi, >> > +- exit >> > ++ exit 1 >> >> What is the use of this patch in Buildroot? I mean, it looks correct but >> we should ensure the configure script can correctly detect >> CANONICAL_HOST (whatever that is), so this should never trigger? > Without this patch, if there is some platform for which CANONICAL_HOST does not > get set correctly, you get a very cryptic error instead of a failure of the > configure step. So hopefully this patch isn't needed, but if it is actually > needed because CANONICAL_HOST is still not correct, it helps us a lot. > In other words, I would keep it in Buildroot. Fine by me, and it hopefully will soon be applied upstream.
diff --git a/DEVELOPERS b/DEVELOPERS index 80843dd1a1..534f4d746c 100644 --- a/DEVELOPERS +++ b/DEVELOPERS @@ -955,6 +955,9 @@ F: package/ucl/ F: package/upx/ F: package/zxing-cpp/ +N: Frank Vanbever <frank.vanbever@essensium.com> +F: package/libmodsecurity/ + N: Gaël Portay <gael.portay@collabora.com> F: package/qt5/qt5virtualkeyboard/ F: package/qt5/qt5webengine/ diff --git a/package/Config.in b/package/Config.in index 873a592d64..190cc4217c 100644 --- a/package/Config.in +++ b/package/Config.in @@ -2032,6 +2032,7 @@ menu "Networking applications" source "package/leafnode2/Config.in" source "package/lft/Config.in" source "package/lftp/Config.in" + source "package/libmodsecurity/Config.in" source "package/lighttpd/Config.in" source "package/linknx/Config.in" source "package/links/Config.in" diff --git a/package/libmodsecurity/0001-Fail-when-CANONICAL_HOST-cannot-be-determined.patch b/package/libmodsecurity/0001-Fail-when-CANONICAL_HOST-cannot-be-determined.patch new file mode 100644 index 0000000000..d725d136ff --- /dev/null +++ b/package/libmodsecurity/0001-Fail-when-CANONICAL_HOST-cannot-be-determined.patch @@ -0,0 +1,31 @@ +From 0832208360aab69fbaec76225db67801840a33fe Mon Sep 17 00:00:00 2001 +From: Frank Vanbever <frank.vanbever@essensium.com> +Date: Fri, 10 Jan 2020 11:14:43 +0100 +Subject: [PATCH] Fail when CANONICAL_HOST cannot be determined + +When the CANONICAL_HOST is unknown the configure script exits +with exit code 0 even though no makefile was produced. + +patch was submitted upstream: https://github.com/SpiderLabs/ModSecurity/pull/2235 + +Signed-off-by: Frank Vanbever <frank.vanbever@essensium.com> +--- + configure.ac | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/configure.ac b/configure.ac +index 95e48843..5e6971f4 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -193,7 +193,7 @@ case $host in + ;; + *) + echo "Unknown CANONICAL_HOST $host" +- exit ++ exit 1 + ;; + esac + +-- +2.20.1 + diff --git a/package/libmodsecurity/0002-test-for-uClinux-in-configure-script.patch b/package/libmodsecurity/0002-test-for-uClinux-in-configure-script.patch new file mode 100644 index 0000000000..73022f31f2 --- /dev/null +++ b/package/libmodsecurity/0002-test-for-uClinux-in-configure-script.patch @@ -0,0 +1,28 @@ +From 13c505e30474c919ed9ae552e459769c456da21e Mon Sep 17 00:00:00 2001 +From: Frank Vanbever <frank.vanbever@essensium.com> +Date: Fri, 10 Jan 2020 11:24:43 +0100 +Subject: [PATCH] test for uClinux in configure script + +patch was submitted upstream: https://github.com/SpiderLabs/ModSecurity/pull/2235 + +Signed-off-by: Frank Vanbever <frank.vanbever@essensium.com> +--- + configure.ac | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/configure.ac b/configure.ac +index 5e6971f4..51d38071 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -156,7 +156,7 @@ case $host in + AC_DEFINE([MACOSX], [1], [Define if the operating system is Macintosh OSX]) + PLATFORM="MacOSX" + ;; +- *-*-linux*) ++ *-*-linux* | *-*uclinux*) + echo "Checking platform... Identified as Linux" + AC_DEFINE([LINUX], [1], [Define if the operating system is LINUX]) + PLATFORM="Linux" +-- +2.20.1 + diff --git a/package/libmodsecurity/Config.in b/package/libmodsecurity/Config.in new file mode 100644 index 0000000000..ddd4170945 --- /dev/null +++ b/package/libmodsecurity/Config.in @@ -0,0 +1,14 @@ +config BR2_PACKAGE_LIBMODSECURITY + bool "libmodsecurity" + select BR2_PACKAGE_PCRE + help + Libmodsecurity is one component of the ModSecurity + v3 project. The library codebase serves as an + interface to ModSecurity Connectors taking in web + traffic and applying traditional ModSecurity + processing. In general, it provides the capability + to load/interpret rules written in the ModSecurity + SecRules format and apply them to HTTP content + provided by your application via Connectors. + + https://github.com/SpiderLabs/ModSecurity diff --git a/package/libmodsecurity/libmodsecurity.hash b/package/libmodsecurity/libmodsecurity.hash new file mode 100644 index 0000000000..29c0a079fe --- /dev/null +++ b/package/libmodsecurity/libmodsecurity.hash @@ -0,0 +1,4 @@ +# From https://github.com/SpiderLabs/ModSecurity/releases/download/v3.0.3/modsecurity-v3.0.3.tar.gz.sha256 +sha256 8aa1300105d8cc23315a5e54421192bc617a66246ad004bd89e67c232208d0f4 modsecurity-v3.0.3.tar.gz +# Localy calculated +sha256 c71d239df91726fc519c6eb72d318ec65820627232b2f796219e87dcf35d0ab4 LICENSE diff --git a/package/libmodsecurity/libmodsecurity.mk b/package/libmodsecurity/libmodsecurity.mk new file mode 100644 index 0000000000..991402057d --- /dev/null +++ b/package/libmodsecurity/libmodsecurity.mk @@ -0,0 +1,59 @@ +################################################################################ +# +# libmodsecurity +# +################################################################################ + +LIBMODSECURITY_VERSION = 3.0.3 +LIBMODSECURITY_SOURCE = modsecurity-v$(LIBMODSECURITY_VERSION).tar.gz +LIBMODSECURITY_SITE = https://github.com/SpiderLabs/ModSecurity/releases/download/$(LIBMODSECURITY_VERSION) +LIBMODSECURITY_INSTALL_STAGING = YES +LIBMODSECURITY_LICENSE = Apache-2.0 +LIBMODSECURITY_LICENSE_FILES = LICENSE +LIBMODSECURITY_AUTORECONF = YES +LIBMODSECURITY_CONF_ENV = \ + ac_cv_file_others_libinjection_src_libinjection_html5_c=yes # Necessary to work around AC_CHECK_FILE cross-compile limitation + +LIBMODSECURITY_DEPENDENCIES = pcre +LIBMODSECURITY_CONF_OPTS = --disable-examples + +ifeq ($(BR2_PACKAGE_LIBXML2),y) +LIBMODSECURITY_DEPENDENCIES += libxml2 +LIBMODSECURITY_CONF_OPTS += --with-libxml="$(STAGING_DIR)" +else +LIBMODSECURITY_CONF_OPTS += --with-libxml="no" +endif + +ifeq ($(BR2_PACKAGE_LIBCURL),y) +LIBMODSECURITY_DEPENDENCIES += libcurl +LIBMODSECURITY_CONF_OPTS += --with-curl="$(STAGING_DIR)" +else +LIBMODSECURITY_CONF_OPTS += --with-curl="no" +endif + +ifeq ($(BR2_PACKAGE_YAJL),y) +LIBMODSECURITY_DEPENDENCIES += yajl +else +LIBMODSECURITY_CONF_OPTS += --with-yajl="no" +endif + +ifeq ($(BR2_PACKAGE_GEOIP),y) +LIBMODSECURITY_DEPENDENCIES += geoip +else +LIBMODSECURITY_CONF_OPTS += --with-geoip="no" +endif + +ifeq ($(BR2_PACKAGE_LIBMAXMINDDB),y) +LIBMODSECURITY_DEPENDENCIES += libmaxminddb +else +LIBMODSECURITY_CONF_OPTS += --with-maxmind="no" +endif + +ifeq ($(BR2_PACKAGE_LUA),y) +LIBMODSECURITY_DEPENDENCIES += lua +LIBMODSECURITY_CONF_OPTS += --with-lua="$(STAGING_DIR)" +else +LIBMODSECURITY_CONF_OPTS += --with-lua="no" +endif + +$(eval $(autotools-package))
Signed-off-by: Frank Vanbever <frank.vanbever@essensium.com> --- DEVELOPERS | 3 + package/Config.in | 1 + ...-CANONICAL_HOST-cannot-be-determined.patch | 31 ++++++++++ ...test-for-uClinux-in-configure-script.patch | 28 +++++++++ package/libmodsecurity/Config.in | 14 +++++ package/libmodsecurity/libmodsecurity.hash | 4 ++ package/libmodsecurity/libmodsecurity.mk | 59 +++++++++++++++++++ 7 files changed, 140 insertions(+) create mode 100644 package/libmodsecurity/0001-Fail-when-CANONICAL_HOST-cannot-be-determined.patch create mode 100644 package/libmodsecurity/0002-test-for-uClinux-in-configure-script.patch create mode 100644 package/libmodsecurity/Config.in create mode 100644 package/libmodsecurity/libmodsecurity.hash create mode 100644 package/libmodsecurity/libmodsecurity.mk